ubuntu/+source/freetype:applied/ubuntu/trusty-devel

Last commit made on 2017-05-09
Get this branch:
git clone -b applied/ubuntu/trusty-devel https://git.launchpad.net/ubuntu/+source/freetype
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/trusty-devel
Repository:
lp:ubuntu/+source/freetype

Recent commits

86caa9a... by Marc Deslauriers on 2017-05-04

Import patches-applied version 2.5.2-1ubuntu2.8 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 1f7e7e5e63467e9e64abfd8ba541d7d413b77984
Unapplied parent: 5ab0ecb00a6a974f59a0ec3f06f15475eed4918d

New changelog entries:
  * SECURITY UPDATE: out-of-bounds write in t1_decoder_parse_charstrings
    - debian/patches-freetype/CVE-2017-8105.patch: add a check to
      src/psaux/t1decode.c.
    - CVE-2017-8105
  * SECURITY UPDATE: out-of-bounds write in t1_builder_close_contour
    - debian/patches-freetype/CVE-2017-8287.patch: add a check to
      src/psaux/psobjs.c.
    - CVE-2017-8287

5ab0ecb... by Marc Deslauriers on 2017-05-04

Import patches-unapplied version 2.5.2-1ubuntu2.8 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 8a48ffda6d6d180251fbac777009ad1f5f22e5e5

New changelog entries:
  * SECURITY UPDATE: out-of-bounds write in t1_decoder_parse_charstrings
    - debian/patches-freetype/CVE-2017-8105.patch: add a check to
      src/psaux/t1decode.c.
    - CVE-2017-8105
  * SECURITY UPDATE: out-of-bounds write in t1_builder_close_contour
    - debian/patches-freetype/CVE-2017-8287.patch: add a check to
      src/psaux/psobjs.c.
    - CVE-2017-8287

1f7e7e5... by Steve Beattie on 2017-04-19

Import patches-applied version 2.5.2-1ubuntu2.7 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 99ab4fc463632bc4a04f0259081b31fc83a28208
Unapplied parent: 8a48ffda6d6d180251fbac777009ad1f5f22e5e5

New changelog entries:
  * SECURITY UPDATE: heap based buffer overflow in cff_parser_run()
    - debian/patches-freetype/CVE-2016-10328.patch: add additional check
      to parser stack size in src/cff/cffparse.c
    - CVE-2016-10328

8a48ffd... by Steve Beattie on 2017-04-19

Import patches-unapplied version 2.5.2-1ubuntu2.7 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 5b19595b0fad8360130f227b2e807af2f8aa7df3

New changelog entries:
  * SECURITY UPDATE: heap based buffer overflow in cff_parser_run()
    - debian/patches-freetype/CVE-2016-10328.patch: add additional check
      to parser stack size in src/cff/cffparse.c
    - CVE-2016-10328

99ab4fc... by Marc Deslauriers on 2017-03-16

Import patches-applied version 2.5.2-1ubuntu2.6 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 49327be1d15ad1c96d61b67a039ba687898b9fbc
Unapplied parent: 5b19595b0fad8360130f227b2e807af2f8aa7df3

New changelog entries:
  * SECURITY UPDATE: DoS and possible code execution via missing glyph name
    - debian/patches/CVE-2016-10244.patch: add check to src/type1/t1load.c.
    - CVE-2016-10244

5b19595... by Marc Deslauriers on 2017-03-16

Import patches-unapplied version 2.5.2-1ubuntu2.6 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: ba73921d8ac704d96e561206cf21f9ec6a353a61

New changelog entries:
  * SECURITY UPDATE: DoS and possible code execution via missing glyph name
    - debian/patches/CVE-2016-10244.patch: add check to src/type1/t1load.c.
    - CVE-2016-10244

49327be... by Marc Deslauriers on 2015-09-10

Import patches-applied version 2.5.2-1ubuntu2.5 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 2f59be8c0e2cda452ba4e3d3a25585c6d5a5923b
Unapplied parent: ba73921d8ac704d96e561206cf21f9ec6a353a61

New changelog entries:
  * SECURITY UPDATE: uninitialized memory reads (LP: #1449225)
    - debian/patches-freetype/savannah-bug-41309.patch: fix use of
      uninitialized data in src/cid/cidload.c, src/psaux/psobjs.c,
      src/type1/t1load.c, src/type42/t42parse.c.
    - No CVE number
  * SECURITY UPDATE: denial of service via infinite loop in parse_encode
    (LP: #1492124)
    - debian/patches-freetype/savannah-bug-41590.patch: protect against
      invalid charcode in src/type1/t1load.c.
    - No CVE number

ba73921... by Marc Deslauriers on 2015-09-10

Import patches-unapplied version 2.5.2-1ubuntu2.5 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 9138203cbd9ebb27cee26ae0281a4d322e438630

New changelog entries:
  * SECURITY UPDATE: uninitialized memory reads (LP: #1449225)
    - debian/patches-freetype/savannah-bug-41309.patch: fix use of
      uninitialized data in src/cid/cidload.c, src/psaux/psobjs.c,
      src/type1/t1load.c, src/type42/t42parse.c.
    - No CVE number
  * SECURITY UPDATE: denial of service via infinite loop in parse_encode
    (LP: #1492124)
    - debian/patches-freetype/savannah-bug-41590.patch: protect against
      invalid charcode in src/type1/t1load.c.
    - No CVE number

2f59be8... by Marc Deslauriers on 2015-02-24

Import patches-applied version 2.5.2-1ubuntu2.4 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 3519b12904cf1c7b28ec3c277fac8568bb04d870
Unapplied parent: 9138203cbd9ebb27cee26ae0281a4d322e438630

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

9138203... by Marc Deslauriers on 2015-02-24

Import patches-unapplied version 2.5.2-1ubuntu2.4 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 6f50ea86419a3a1fee946f69907740d8abe8055f

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675